What is claimed is: 



1 1 . An apparatus comprising: 

2 one or more cryptographic units; and 

3 a memory to store one or more data encryption keys and an associated 

4 header for the one or more data encryption keys, wherein the associated header 

5 defines which of the one or more cryptographic units are to use the data encryption 

6 key. 

1 2. The apparatus of claim 1 , wherein the associated header defines a usage type 

2 for the data encryption key. 

1 3. The apparatus of claim 2 further comprising a controller to restrict which of 

2 the one more cryptographic units are to use the data encryption key and a type of 

3 operation based on the associated header for the data encryption key. 

1 4. The apparatus of claim 1 , wherein the associated header defines an 

2 identification of a key encryption key used to encrypt the one or more data 

3 encryption keys. 

1 5. The apparatus of claim 1 , wherein the one or more cryptographic units is 

2 from a group consisting of an advanced encryption standard unit, a data encryption 

3 standard unit, a message digest unit and a secure hash algorithm unit or an 

4 exponential algorithmic unit. 

16. An apparatus comprising: 

2 a cryptographic processor within a wireless device, the cryptographic 

3 processor comprising: 

4 a first cryptographic unit to generate an intermediate result from 

5 execution of a first operation; and 
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6 a second cryptographic unit to generate a final result from execution 

7 of a second operation based on the intermediate result, wherein the intermediate 

8 result is not accessible external to the cryptographic processor. 

1 7. The apparatus of claim 6, wherein the first cryptographic unit and the second 

2 cryptographic unit are from a group consisting of an advanced encryption standard 

3 unit, a data encryption standard unit, a message digest unit and a secure hash 

4 algorithm unit or an exponential algorithmic unit. 

1 8. The apparatus of claim 6, wherein the first operation includes the use of a 

2 cryptographic key, wherein the cryptographic key is not loaded into the first 

3 cryptographic unit until the cryptographic key is authenticated. 

1 9. A system comprising 

2 a dipole antenna to receive a communication; 

3 an application processor to generate a primitive instruction for a 

4 cryptographic operation that is to use a cryptographic key based on the 

5 communication; and 

6 a cryptographic processor that comprises: 

7 a memory to store the cryptographic key; 

8 a number of cryptographic units, wherein one of the number of 

9 cryptographic units is to generate a challenge to the use of the cryptographic key, 

10 wherein the application processor is to generate a response to the challenge; and 

11 a controller to load the cryptographic key into one of the number of 

12 cryptographic units for execution of the cryptographic operation if the response is 

13 correct. 

1 1 0. The system of claim 9, wherein the cryptographic processor further 

2 comprises a nonvolatile memory that is to store a number of microcode instructions, 



Atty. Dkt No.:884.B58USl 



Client No.: P17913 



3 wherein the controller is to load the cryptographic key into one of the number of 

4 cryptographic units based on at least part of the number of microcode instructions. 



1 11. The system of claim 9, wherein the controller is to abort execution of the 

2 cryptographic operation if the response is not correct. 

1 12. The system of claim 9, wherein the response includes a hash of a password 

2 associated with the cryptographic key. 

1 13. A system comprising: 

2 an application processor, within a wireless device, to generate a primitive 

3 instruction related to a cryptographic operation; and 

4 a cryptographic processor, within the wireless device, the cryptographic 

5 processor comprising: 

6 a controller to receive the primitive instruction, wherein the 

7 controller is to retrieve a number of microcode instructions from a nonvolatile 

8 memory within the cryptographic processor; 

9 a first functional unit to generate an intermediate result from 

10 execution of a first operation based on a first of the number of microcode 

1 1 instructions; and 

12 a second functional unit to generate a final result for the 

1 3 cryptographic operation based on the intermediate result, from execution of a 

14 second operation based on a second of the number of microcode instructions, 

15 wherein the intermediate result is not accessible external to the cryptographic 

16 processor. 

1 14. The system of claim 13, wherein the cryptographic processor further 

2 comprises a volatile memory to store a cryptographic key. 
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1 15. The system of claim 14, wherein the second functional unit is to use the 

2 cryptographic key to generate the final result, wherein the controller is not to load 

3 the cryptographic key into the second functional unit until the application processor 

4 is to authenticate the cryptographic key. 

1 16. A method comprising: 

2 receiving a primitive instruction into a cryptographic processor, for 

3 execution of a cryptographic operation that uses a data encryption key that is 

4 protected within the cryptographic processor; 

5 retrieving the data encryption key and an associated header for the data 

6 encryption key, wherein the associated header defines which of one or more 

7 cryptographic units are to use the data encryption key; and 

8 performing an operation within one of the one or more cryptographic units using the 

9 data encryption key, if the associated header defines the one of the one or more 
1 0 cryptographic units. 

1 1 7. The method of claim 1 6, wherein the associated header defines a usage type 

2 for the data encryption key. 

1 18. The method of claim 1 7, wherein performing the operation within one of the 

2 one or more cryptographic units using the data encryption key comprises 

3 performing the operation within one of the one or more cryptographic units using 

4 the data encryption key if a type of the operation is defined by the usage type. 

1 19. A method comprising: 

2 receiving a primitive instruction into a cryptographic processor from an 

3 application executing on an application processor, for execution of a cryptographic 

4 operation that uses a cryptographic key that is protected within the cryptographic 

5 processor; 
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6 generating a challenge for use of the cryptographic key back to the 

7 application; 

8 receiving a response to the challenge into the cryptographic processor from 

9 the application; 

10 performing the following operations, if the response is correct: 

1 1 loading the cryptographic key into a functional unit of the 

1 2 cryptographic processor; and 

1 3 executing an operation within the functional unit using the cryptographic key. 

1 20. The method of claim 19, further comprising aborting execution of the 

2 primitive instruction if the response is not correct. 

1 21 . The method of claim 19, wherein receiving the response to the challenge 

2 into the cryptographic processor from the application includes receiving a hash of a 

3 password associated with the cryptographic key. 

1 22. The method of claim 2 1 , wherein performing the following operations, if the 

2 response is correct comprises performing the following operations, if the hash of the 

3 password is equal to a hash of the password generated within the cryptographic 

4 processor. 

1 23. A machine-readable medium that provides instructions, which when 

2 executed by a machine, cause said machine to perform operations comprising: 

3 receiving a primitive instruction into a cryptographic processor, for 

4 execution of a cryptographic operation that uses a data encryption key that is 

5 protected within the cryptographic processor; 

6 retrieving the data encryption key and an associated header for the data 

7 encryption key, wherein the associated header defines which of one or more 

8 cryptographic units are to use the data encryption key; and 
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9 performing an operation within one of the one or more cryptographic units 

1 0 using the data encryption key, if the associated header defines the one of the one or 

1 1 more cryptographic units. 

1 24. The machine-readable medium of claim 23, wherein the associated header 

2 defines a usage type for the data encryption key. 

1 25. The machine-readable medium of claim 24, wherein performing the 

2 operation within one of the one or more cryptographic units using the data 

3 encryption key comprises performing the operation within one of the one or more 

4 cryptographic units using the data encryption key if a type of the operation is 

5 defined by the usage type. 

1 26. A machine-readable medium that provides instructions, which when 

2 executed by a machine, cause said machine to perform operations comprising: 

3 receiving a primitive instruction into a cryptographic processor from an 

4 application executing on an application processor, for execution of a cryptographic 

5 operation that uses a cryptographic key that is protected within the cryptographic 

6 processor; 

7 generating a challenge for use of the cryptographic key back to the 

8 application; 

9 receiving a response to the challenge into the cryptographic processor from 

10 the application; 

v. 

1 1 performing the following operations, if the response is correct: 

12 loading the cryptographic key into a functional unit of the 

1 3 cryptographic processor; and 

14 executing an operation within the functional unit using the 

1 5 cryptographic key. 



Atty. Dkt. No.:884.B58USl 



Client No.: P17913 



1 27. The machine-readable medium of claim 26, further comprising aborting 

2 execution of the primitive instruction if the response is not correct. 

1 28. The machine-readable medium of claim 26, wherein receiving the response 

2 to the challenge into the cryptographic processor from the application includes 

3 receiving a hash of a password associated with the cryptographic key. 

1 29. The machine-readable medium of claim 28, wherein performing the 

2 following operations, if the response is correct comprises performing the following 

3 operations, if the hash of the password is equal to a hash of the password generated 

4 within the cryptographic processor. 
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